apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: >
      {"apiVersion":"tekton.dev/v1beta1","kind":"Task","metadata":{"annotations":{},"name":"setup-bmc","namespace":"baremetal-cr"},"spec":{"params":[{"description":"The
      username for the
      BMC","name":"bmc-user","type":"string"},{"description":"The password for
      the BMC","name":"bmc-pass","type":"string"},{"description":"OpenShift
      cluster name for virtual
      media","name":"ocp-cluster-name","type":"string"},{"description":"infra
      env","name":"infra-env","type":"string"},{"default":"acm-config","description":"namespace
      of
      rackvars","name":"rack-ns","type":"string"}],"steps":[{"env":[{"name":"infra-env","value":"$(params.infra-env)"},{"name":"rack-ns","value":"$(params.rack-ns)"},{"name":"hp-redfish-prefix","value":"redfish-virtualmedia://"},{"name":"dell-redfish-prefix","value":"idrac-virtualmedia://"},{"name":"hp-redfish-endpoint","value":"/redfish/v1/Systems/1"},{"name":"dell-redfish-endpoint","value":"/redfish/v1/Systems/System.Embedded.1"}],"image":"docker-enterprise-dev.artifactrepository.citigroup.net/cate-citisystems-openshift/openshift4:4.12.33-x86_64-cli","name":"setup-bmc","resources":{},"script":"#!/usr/bin/env
      python3\nimport os\nimport requests\nimport json\n\n# Disable warnings for
      SSL Certificate\nrequests.packages.urllib3.disable_warnings()\ninfra_env =
      os.environ['infra-env']\nrack_ns = os.environ['rack-ns']
      \nmachines=json.loads(os.popen('oc get rack %s -n %s -o
      jsonpath={.spec.machines}' % (infra_env,rack_ns)).read())\ndns_domain =
      os.popen('oc get rack %s -n %s -o jsonpath={.spec.dns_domain}' %
      (infra_env,rack_ns)).read()\nvendor = os.popen('oc get rack %s -n %s -o
      jsonpath={.spec.hardware_vendor}' %
      (infra_env,rack_ns)).read()\n\nbmc_user = \"$(params.bmc-user)\"\nbmc_pass
      = \"$(params.bmc-pass)\"\nocp_cluster_name =
      \"$(params.ocp-cluster-name)\"\nok_status = [200, 201, 202, 203,
      204]\n     \n\n# Virtual Media Operations \nfor machine in machines:\n   
      name = machine['name']\n    bmc_ip = machine['bmc_ip']\n    host_mac =
      machine['host_mac']\n    fqdn = f\"{name}.{dns_domain}\"\n    node_type =
      machine['node_type']\n\n    session_url =
      f\"https://{bmc_ip}/redfish/v1/SessionService/Sessions/\"\n\n   
      system_url = f\"https://{bmc_ip}/redfish/v1/Systems\"\n\n    managers_url
      = f\"https://{bmc_ip}/redfish/v1/Managers\"\n\n    # Create a session to
      get the X-Auth-Token\n\n    response = requests.post(session_url,
      verify=False,\n    headers={\"Content-Type\": \"application/json\"},
      json={\"UserName\":\n    bmc_user, \"Password\": bmc_pass})\n\n    if
      response.status_code in ok_status:\n        print(f\"\\n\\nSession created
      to get X-Auth-Token to perform Virtual Media Operations on {node_type}
      node.\")\n    else:\n        print('Failed to create a session to get
      X-Auth-Token. Status code:', response.status_code)\n\n    token =
      response.headers.get(\"X-Auth-Token\")\n\n    session_id =
      response.headers.get(\"Location\")\n            \n    # Use token for
      subsequent requests\n\n    auth_header = {\"X-Auth-Token\": token}\n\n   
      # Get system information\n\n    response_systems =
      requests.get(system_url, headers=auth_header,\n    verify=False)\n\n   
      systems_endpoint =
      response_systems.json()['Members'][0]['@odata.id']\n\n    # Get Vendor
      information\n\n    manufacturer_response =
      requests.get(f\"https://{bmc_ip}{systems_endpoint}\",\n   
      headers=auth_header, verify=False)\n\n    manufacturer =
      manufacturer_response.json()['Manufacturer']\n\n    print(f\"Manufacturer:
      {manufacturer}\")\n\n    # Get Manager information\n\n   
      response_managers = requests.get(managers_url, headers=auth_header,\n   
      verify=False)\n\n    managers_endpoint =
      response_managers.json()['Members'][0]['@odata.id']\n\n    # Virtual Media
      Operations based on Vendor \n\n    if \"Dell\" in manufacturer:\n\n       
      virtual_media_url =
      f\"https://{bmc_ip}{managers_endpoint}/VirtualMedia\"\n\n       
      response_virtual_media = requests.get(virtual_media_url,
      headers=auth_header, verify=False) \n\n        cd_endpoint =
      response_virtual_media.json()['Members'][1]['@odata.id']\n\n       
      eject_media_url =
      f\"https://{bmc_ip}{cd_endpoint}/Actions/VirtualMedia.EjectMedia\"\n\n       
      insert_media_url =
      f\"https://{bmc_ip}{cd_endpoint}/Actions/VirtualMedia.InsertMedia\"\n\n       
      # Eject virtual media \n        virtual_media_body = {}\n\n       
      response = requests.post(eject_media_url, headers=auth_header,
      json=virtual_media_body, verify=False)\n\n        if response.status_code
      in ok_status:\n            print('Eject virtual media is successfully
      completed.')\n        else:\n            print('Failed to eject virtual
      media. Status code:', response.status_code)\n\n        # Insert virtual
      media \n        virtual_media_body = {\n            \"Image\":
      f\"https://10.40.109.144:31000/{node_type}-rhcos-live.x86_64.iso\",\n           
      \"Inserted\": True,\n            \"WriteProtected\": True\n       
      }\n\n        response = requests.post(insert_media_url,
      headers=auth_header, json=virtual_media_body, verify=False)\n\n        if
      response.status_code in ok_status:\n            print('Insert virtual
      media is successfully completed.')\n        else:\n           
      print('Failed to insert virtual media. Status code:',
      response.status_code)\n\n        # Set virtual media to boot on next
      reset\n\n        virtual_media_url =
      f\"https://{bmc_ip}{managers_endpoint}/Attributes\"\n       
      virtual_media_body = {\n            \"Attributes\": {\n               
      \"VirtualMedia.1.Attached\": \"AutoAttach\",\n               
      \"VirtualMedia.1.BootOnce\": \"Enabled\",\n               
      \"VirtualMedia.1.Enable\": \"Enabled\",\n               
      \"VirtualMedia.1.EncryptEnable\": \"Enabled\",\n               
      \"VirtualMedia.1.FloppyEmulation\": \"Disabled\"\n            }\n       
      }\n\n        response = requests.patch(virtual_media_url,
      headers=auth_header, json=virtual_media_body, verify=False)\n       
      \n        if response.status_code in ok_status:\n           
      print('Virtual media set is successfully completed.')\n       
      else:\n            print('Failed to set virtual media. Status code:',
      response.status_code)\n\n        # Task: Power On Host\n       
      power_on_url =
      f\"https://{bmc_ip}{systems_endpoint}/Actions/ComputerSystem.Reset\"\n       
      power_on_body = {\n            \"ResetType\": \"ForceRestart\"\n       
      }\n\n        response = requests.post(power_on_url, headers=auth_header,
      json=power_on_body, verify=False)\n        \n        if
      response.status_code in ok_status:\n            print('Host powered on
      successfully.')\n        else:\n            print('Failed to power on
      host. Status code:', response.status_code)\n\n    # Close Session\n\n   
      session_id_url = f'https://{bmc_ip}{session_id}'\n\n    response =
      requests.delete(session_id_url, headers=auth_header, verify=False)\n\n   
      if response.status_code in ok_status:\n        print('Session closed
      successfully.')\n    else:\n        print('Failed to close session. Status
      code:', response.status_code)\n    \n"}],"workspaces":[{"description":"The
      git repo will be cloned onto the volume backing this
      Workspace.","name":"output"}]}}
  creationTimestamp: '2024-02-15T21:27:02Z'
  generation: 48
  managedFields:
    - apiVersion: tekton.dev/v1beta1
      fieldsType: FieldsV1
      fieldsV1:
        'f:spec':
          .: {}
          'f:workspaces': {}
      manager: Mozilla
      operation: Update
      time: '2024-02-26T20:45:41Z'
    - apiVersion: tekton.dev/v1beta1
      fieldsType: FieldsV1
      fieldsV1:
        'f:metadata':
          'f:annotations':
            .: {}
            'f:kubectl.kubernetes.io/last-applied-configuration': {}
        'f:spec':
          'f:params': {}
          'f:steps': {}
      manager: kubectl-client-side-apply
      operation: Update
      time: '2024-03-06T18:00:11Z'
  name: setup-bmc
  namespace: baremetal-cr
  resourceVersion: '350208777'
  uid: 9068830e-1651-442d-bf7e-ba67e89cb1f2
spec:
  params:
    - description: The username for the BMC
      name: bmc-user
      type: string
    - description: The password for the BMC
      name: bmc-pass
      type: string
    - description: OpenShift cluster name for virtual media
      name: ocp-cluster-name
      type: string
    - description: infra env
      name: infra-env
      type: string
    - default: acm-config
      description: namespace of rackvars
      name: rack-ns
      type: string
  steps:
    - env:
        - name: infra-env
          value: $(params.infra-env)
        - name: rack-ns
          value: $(params.rack-ns)
        - name: hp-redfish-prefix
          value: 'redfish-virtualmedia://'
        - name: dell-redfish-prefix
          value: 'idrac-virtualmedia://'
        - name: hp-redfish-endpoint
          value: /redfish/v1/Systems/1
        - name: dell-redfish-endpoint
          value: /redfish/v1/Systems/System.Embedded.1
      image: >-
        docker-enterprise-dev.artifactrepository.citigroup.net/cate-citisystems-openshift/openshift4:4.12.33-x86_64-cli
      name: setup-bmc
      resources: {}
      script: >
        #!/usr/bin/env python3

        import os

        import requests

        import json


        # Disable warnings for SSL Certificate

        requests.packages.urllib3.disable_warnings()

        infra_env = os.environ['infra-env']

        rack_ns = os.environ['rack-ns'] 

        machines=json.loads(os.popen('oc get rack %s -n %s -o
        jsonpath={.spec.machines}' % (infra_env,rack_ns)).read())

        dns_domain = os.popen('oc get rack %s -n %s -o
        jsonpath={.spec.dns_domain}' % (infra_env,rack_ns)).read()

        vendor = os.popen('oc get rack %s -n %s -o
        jsonpath={.spec.hardware_vendor}' % (infra_env,rack_ns)).read()


        bmc_user = "$(params.bmc-user)"

        bmc_pass = "$(params.bmc-pass)"

        ocp_cluster_name = "$(params.ocp-cluster-name)"

        ok_status = [200, 201, 202, 203, 204]
             

        # Virtual Media Operations 

        for machine in machines:
            name = machine['name']
            bmc_ip = machine['bmc_ip']
            host_mac = machine['host_mac']
            fqdn = f"{name}.{dns_domain}"
            node_type = machine['node_type']

            session_url = f"https://{bmc_ip}/redfish/v1/SessionService/Sessions/"

            system_url = f"https://{bmc_ip}/redfish/v1/Systems"

            managers_url = f"https://{bmc_ip}/redfish/v1/Managers"

            # Create a session to get the X-Auth-Token

            response = requests.post(session_url, verify=False,
            headers={"Content-Type": "application/json"}, json={"UserName":
            bmc_user, "Password": bmc_pass})

            if response.status_code in ok_status:
                print(f"\n\nSession created to get X-Auth-Token to perform Virtual Media Operations on {node_type} node.")
            else:
                print('Failed to create a session to get X-Auth-Token. Status code:', response.status_code)

            token = response.headers.get("X-Auth-Token")

            session_id = response.headers.get("Location")
                    
            # Use token for subsequent requests

            auth_header = {"X-Auth-Token": token}

            # Get system information

            response_systems = requests.get(system_url, headers=auth_header,
            verify=False)

            systems_endpoint = response_systems.json()['Members'][0]['@odata.id']

            # Get Vendor information

            manufacturer_response = requests.get(f"https://{bmc_ip}{systems_endpoint}",
            headers=auth_header, verify=False)

            manufacturer = manufacturer_response.json()['Manufacturer']

            print(f"Manufacturer: {manufacturer}")

            # Get Manager information

            response_managers = requests.get(managers_url, headers=auth_header,
            verify=False)

            managers_endpoint = response_managers.json()['Members'][0]['@odata.id']

            # Virtual Media Operations based on Vendor 

            if "Dell" in manufacturer:

                virtual_media_url = f"https://{bmc_ip}{managers_endpoint}/VirtualMedia"

                response_virtual_media = requests.get(virtual_media_url, headers=auth_header, verify=False) 

                cd_endpoint = response_virtual_media.json()['Members'][1]['@odata.id']

                eject_media_url = f"https://{bmc_ip}{cd_endpoint}/Actions/VirtualMedia.EjectMedia"

                insert_media_url = f"https://{bmc_ip}{cd_endpoint}/Actions/VirtualMedia.InsertMedia"

                # Eject virtual media 
                virtual_media_body = {}

                response = requests.post(eject_media_url, headers=auth_header, json=virtual_media_body, verify=False)

                if response.status_code in ok_status:
                    print('Eject virtual media is successfully completed.')
                else:
                    print('Failed to eject virtual media. Status code:', response.status_code)

                # Insert virtual media 
                virtual_media_body = {
                    "Image": f"https://10.40.109.144:31000/{node_type}-rhcos-live.x86_64.iso",
                    "Inserted": True,
                    "WriteProtected": True
                }

                response = requests.post(insert_media_url, headers=auth_header, json=virtual_media_body, verify=False)

                if response.status_code in ok_status:
                    print('Insert virtual media is successfully completed.')
                else:
                    print('Failed to insert virtual media. Status code:', response.status_code)

                # Set virtual media to boot on next reset

                virtual_media_url = f"https://{bmc_ip}{managers_endpoint}/Attributes"
                virtual_media_body = {
                    "Attributes": {
                        "VirtualMedia.1.Attached": "AutoAttach",
                        "VirtualMedia.1.BootOnce": "Enabled",
                        "VirtualMedia.1.Enable": "Enabled",
                        "VirtualMedia.1.EncryptEnable": "Enabled",
                        "VirtualMedia.1.FloppyEmulation": "Disabled"
                    }
                }

                response = requests.patch(virtual_media_url, headers=auth_header, json=virtual_media_body, verify=False)
                
                if response.status_code in ok_status:
                    print('Virtual media set is successfully completed.')
                else:
                    print('Failed to set virtual media. Status code:', response.status_code)

                # Task: Power On Host
                power_on_url = f"https://{bmc_ip}{systems_endpoint}/Actions/ComputerSystem.Reset"
                power_on_body = {
                    "ResetType": "ForceRestart"
                }

                response = requests.post(power_on_url, headers=auth_header, json=power_on_body, verify=False)
                
                if response.status_code in ok_status:
                    print('Host powered on successfully.')
                else:
                    print('Failed to power on host. Status code:', response.status_code)

            # Close Session

            session_id_url = f'https://{bmc_ip}{session_id}'

            response = requests.delete(session_id_url, headers=auth_header, verify=False)

            if response.status_code in ok_status:
                print('Session closed successfully.')
            else:
                print('Failed to close session. Status code:', response.status_code)
            
  workspaces:
    - description: The git repo will be cloned onto the volume backing this Workspace.
      name: output
